How to redirect users to an HTTPS web-page

Started by Darcy

Darcy

How to redirect users to an HTTPS web-page   11 July 2022, 13:47

We provide Internet to customers using the network setup like this. We have Bandwidth Manager installed on a server with a LAN and WAN adapter.

When customers are behind on their bill, we want to redirect them to a notification page. It used to work using the mapping to "http://ourwebsite.net" but when browsers no longer support unsecure HTTP protocol, that stopped working. I've been unable to make it work with "https://ourwebsite.net". I've also tried to host the page on the same server and use "redirect to local port", but that hasn't worked either.

Let me know what information I can provide to enable you to help me make this work. I could even set up a temporary account for you to login to the server. I've attached a backup [link] in case it helps.

Thank you in advance.
SoftPerfect Support forum - Ann avatar image
Ann

Re: How to redirect users to an HTTPS web-page   11 July 2022, 15:31

Redirecting HTTPS is very different to redirecting HTTP. Essentially this would need to employ a man-in-the-middle technique. For example, if a customer requests https://www.google.com, the browser expects a certificate matching that domain name, which of course only Google has, and which is the whole point of HTTPS. The redirect may instead reply with a self-signed certificate, basically saying, "Okay, I am Google, but I cannot be trusted". At this point the browser either displays a warning, or completely blocks the connection. Things like HSTS and certificate pinning may make it even more complicated and less likely to work.

There is no HTTPS server in the Bandwidth Manager and it's not capable of issuing self-signed certificates on the fly either. But even if it could, it would not work in many cases as browsers tend to get stricter about HTTPS errors, for security reasons. Of course, you could install an HTTPS web server with a self-signed certificate on the same host and redirect packets arriving at port 443 to that server, but again it's not likely to work due to the reasons outlined above.

Here is a discussion about captive portal redirects. The conclusion is that it usually does not work. A user has to open a HTTP (not HTTPS) page to be sent away to a different web-site.

Reply to this topic

Sometimes you can find a solution faster if you try the forum search, have a look at the knowledge base, or check the software user manual to see if your question has already been answered.

Our forum rules are simple:

  • Be polite.
  • Do not spam.
  • Write in English. If possible, check your spelling and grammar.

Author:

Email:

Subject

A brief and informative title for your message, approximately 4–8 words:

     

Spam prevention: please enter the following code in the input field below.

 **     **  **      **   *******    ******    **     ** 
 **     **  **  **  **  **     **  **    **    **   **  
 **     **  **  **  **  **     **  **           ** **   
 *********  **  **  **   ********  **   ****     ***    
 **     **  **  **  **         **  **    **     ** **   
 **     **  **  **  **  **     **  **    **    **   **  
 **     **   ***  ***    *******    ******    **     ** 

Message: